Amol Deshmukh created AURORA-1576:
-------------------------------------
Summary: Allow for plugging in cli-configurable filters that are
invoked post shiro filters.
Key: AURORA-1576
URL: https://issues.apache.org/jira/browse/AURORA-1576
Project: Aurora
Issue Type: Task
Reporter: Amol Deshmukh
Currently, the command line option {{shiro_realm_modules}} allows plugging in
custom modules that can extend/configure the http security functionality.
However, loading such modules from within a {{ShiroWebModule}} prevents
plugging in a Guice module that extends {{ServletModule}} due to a Guice
limitation ^✝^. This makes it impossible to register a custom filter ^✝✝^ that
intercepts the request post the shiro filter chain via the shiro_realm_modules
hook.
✝ ~HttpSecurityModule is a ServletModule which loads the shiro_real_modules via
ShiroWebModule which is a PrivateModule. While Guice allows registering nested
ServletModules, it does not allow registering nested ServletModules via an
intervening PrivateModule. A similar issue has been reported as [Guice issue
#639|https://github.com/google/guice/issues/639].~
✝✝ ~Such a filter may be used, for example, to implement a delegation mechanism
by inspecting custom headers in the request.~
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
